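I have been able to capture HTTP(s) traffic from a smartphone, and I store this traffic with mitmdump using the command
mitmdump -w outfile
This seems to dump the HTTP body along with the headers as well. I am interested in capturing only the headers, preferably as a single csv row (or json string). How can I do that?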
Another derived snippet, based on the previous responses and updated to python3:
def response(flow):
    # Called by mitmproxy once per completed response.
    print("")
    print("="*50)
    #print("FOR: " + flow.request.url)
    print(flow.request.method + " " + flow.request.path + " " + flow.request.http_version)
    print("-"*50 + "request headers:")
    for k, v in flow.request.headers.items():
        print("%-20s: %s" % (k.upper(), v))
    print("-"*50 + "response headers:")
    for k, v in flow.response.headers.items():
        print("%-20s: %s" % (k.upper(), v))
Command line:
mitmdump -q -v -s parse_headers.py -R http://localhost:9200 -p 30001
Output:
==================================================
GET / HTTP/1.1
--------------------------------------------------request headers:
CONTENT-TYPE : application/json
ACCEPT : application/json
USER-AGENT : Jakarta Commons-HttpClient/3.1
HOST : localhost
--------------------------------------------------response headers:
CONTENT-TYPE : application/json; charset=UTF-8
CONTENT-LENGTH : 327
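You can extract any header fields you need, for example, using mitmdump and the flow object (python inline script). Inline scripts are documented here: https://mitmproxy.org/doc/scripting/inlinescripts.html
To extract all headers, I used the following command: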
$ mitmdump -n -q -s parse_headers.py -r <file>.mitm
The parse_headers.py inline script is as follows:
def response(context, flow):
    request_headers = [{"name": k, "value": v} for k, v in flow.request.headers]
    response_headers = [{"name": k, "value": v} for k, v in flow.response.headers]
    print request_headers
    print response_headers
I was using yours, @rvaneijk, but I got the following error:
Script error: too many values to unpack
Script error: too many values to unpack
I found a solution in "'too many values to unpack', iterating over a dict. key=>string, value=>list" and modified the code as follows:
[root@npmjs npmo-server]# cat parse_headers.py
def response(context, flow):
    request_headers = [{"name": k, "value": v} for k, v in flow.request.headers.iteritems()]
    response_headers = [{"name": k, "value": v} for k, v in flow.response.headers.iteritems()]
    print "################################"
    print "FOR: " + flow.request.url
    print flow.request.method + " " + flow.request.path + " " + flow.request.http_version
    print "HTTP REQUEST HEADERS"
    print request_headers
    print "HTTP RESPONSE HEADERS"
    print response_headers
    print ""
Its output is as follows:
10.137.66.4:63870: clientdisconnect
################################
FOR: http://pe2enpmas300.corp.company.net:8081/csv-stringify
GET /csv-stringify HTTP/1.1
HTTP REQUEST HEADERS
[{'name': 'accept-encoding', 'value': 'gzip'}, {'name': 'authorization', 'value': 'Bearer d2e0770656a9726dfb559ea2ddccff3078dba9a0'}, {'name': 'version', 'value': '2.11.2'}, {'name': 'accept', 'value': 'application/json'}, {'name': 'referer', 'value': 'install restify'}, {'name': 'npm-session', 'value': 'a9a4d805c6392599'}, {'name': 'user-agent', 'value': 'npm/2.11.2 node/v0.10.25 linux x64'}, {'name': 'if-none-match', 'value': 'W/"43fb-8/w7tzRZ9CvawCJo5Uiisg"'}, {'name': 'host', 'value': 'registry-e2e.npmjs.intuit.net'}, {'name': 'Connection', 'value': 'keep-alive'}, {'name': 'X-Forwarded-For', 'value': '10.181.70.43'}]
HTTP RESPONSE HEADERS
[{'name': 'X-Powered-By', 'value': 'Express'}, {'name': 'ETag', 'value': 'W/"43fb-8/w7tzRZ9CvawCJo5Uiisg"'}, {'name': 'Date', 'value': 'Tue, 18 Oct 2016 08:04:45 GMT'}, {'name': 'Connection', 'value': 'keep-alive'}]
You can use Docker as follows:
Make sure you have read permission on the file.
docker run -ti -p 8080:8080 -v $PWD/parse_headers.py:/tmp/parse_headers.py \
  mitmproxy/mitmproxy mitmdump -s /tmp/parse_headers.py \
  -R http://npmjs.corp.company.net:8081 8080
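An added example, not taken from any of the answers above: a Python 3 variant of parse_headers.py that prints one JSON line per flow with headers only, as the question asks, and masks credential-bearing values such as the Authorization bearer token visible in the output above. The function names, the set of masked header names and the "[REDACTED]" marker are assumptions of this example; it also assumes a current mitmproxy, where the hook is `response(flow)` and `headers.items(multi=True)` yields repeated headers individually.

```python
import json

# Assumption: header names treated as credential-bearing (not from the page).
AUTH = {"authorization", "proxy-authorization"}
COOKIES = {"cookie", "set-cookie"}


def mask(name, value):
    """Return the header value with any credential replaced by a marker."""
    lname = name.lower()
    if lname in AUTH:
        # Keep the scheme ("Bearer", "Basic") for triage, drop the secret.
        scheme, sep, _ = value.partition(" ")
        return scheme + " [REDACTED]" if sep else "[REDACTED]"
    if lname in COOKIES:
        return "[REDACTED]"
    return value


def header_pairs(headers):
    """List of [name, value]; multi=True keeps repeated headers (Set-Cookie)."""
    return [[k, mask(k, v)] for k, v in headers.items(multi=True)]


def flow_record(flow):
    """Headers-only summary of one flow; the bodies are never touched."""
    return {
        "method": flow.request.method,
        "url": flow.request.url,
        "http_version": flow.request.http_version,
        "status_code": flow.response.status_code,
        "request_headers": header_pairs(flow.request.headers),
        "response_headers": header_pairs(flow.response.headers),
    }


def response(flow):
    # mitmproxy calls this hook once per completed response.
    print(json.dumps(flow_record(flow)), flush=True)
```

Load it with `-s parse_headers.py` in the same way as the scripts above and redirect standard output to a file to get one JSON object per line.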